Bug 227771

Summary: Return error for statement if the transaction it belongs to is rolled back
Product: WebKit Reporter: Sihui Liu <sihui_liu>
Component: WebCore Misc.Assignee: Sihui Liu <sihui_liu>
Status: NEW    
Severity: Normal CC: cdumez, ggaren, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 227887    
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch
ews-feeder: commit-queue-
Patch
none
Patch
none
Patch sihui_liu: review?, ews-feeder: commit-queue-

Sihui Liu
Reported 2021-07-07 14:13:49 PDT
...
Attachments
Patch (13.94 KB, patch)
2021-07-07 14:45 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (14.02 KB, patch)
2021-07-08 01:03 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (14.12 KB, patch)
2021-07-08 12:56 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (14.23 KB, patch)
2021-07-08 20:32 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (24.75 KB, patch)
2021-07-08 23:22 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (25.19 KB, patch)
2021-07-09 12:02 PDT, Sihui Liu 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (25.19 KB, patch)
2021-07-09 12:09 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (25.28 KB, patch)
2021-07-09 12:27 PDT, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch (5.96 KB, patch)
2021-07-13 17:43 PDT, Sihui Liu 		sihui_liu: review?
ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Show Obsolete (8) View All Add attachment proposed patch, testcase, etc.
Sihui Liu
Comment 1 2021-07-07 14:45:14 PDT
Created attachment 433080 [details] Patch
Sihui Liu
Comment 2 2021-07-08 01:03:32 PDT
Created attachment 433125 [details] Patch
Sihui Liu
Comment 3 2021-07-08 12:56:08 PDT
Created attachment 433156 [details] Patch
Sihui Liu
Comment 4 2021-07-08 20:32:02 PDT
Created attachment 433196 [details] Patch
Sihui Liu
Comment 5 2021-07-08 23:22:42 PDT
Created attachment 433200 [details] Patch
Chris Dumez
Comment 6 2021-07-09 09:40:48 PDT
Comment on attachment 433200 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=433200&action=review I don't really understand the purpose of this patch and there is no test to show the usefulness either. Here are some random comments though. > Source/WebCore/Modules/webdatabase/SQLTransaction.cpp:-209 > - m_sqliteTransaction->stop(); Why is this no longer stopping the transaction? I am assuming it is not needed because the destructor already takes care of stopping the transaction? Either way, I think a comment in the changelog for this function would be helpful understand such changes. > Source/WebCore/platform/sql/SQLiteDatabase.cpp:739 > + return !m_writeTransactionInProgress || !m_writeTransactionInProgress->rolledBackBySQLite(); I don't understand this logic. So if `!m_writeTransactionInProgress` (meaning there is no write transaction in progress), then I have a valid transaction? I would have expected: return m_writeTransactionInProgress && !m_writeTransactionInProgress->rolledBackBySQLite(); Either there is a bug or at the very least, this code is confusing. > Source/WebCore/platform/sql/SQLiteDatabase.h:163 > + SQLiteTransaction* writeTransactionInProgress() const { return m_writeTransactionInProgress; } Having a getter start with "write" seems a bit confusing to me. > Source/WebCore/platform/sql/SQLiteDatabase.h:179 > + SQLiteTransaction* m_writeTransactionInProgress { nullptr }; We store store raw pointers as data members anymore. This is a security bug waiting to happen. If you really need a pointer, it should probably be a WeakPtr. > Source/WebCore/platform/sql/SQLiteTransaction.h:47 > + bool rolledBackBySQLite() const; How is this new name a progression? Seems to go against WebKit coding style that states we should use prefixes for booleans.
Chris Dumez
Comment 7 2021-07-09 09:42:15 PDT
Comment on attachment 433200 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=433200&action=review >> Source/WebCore/platform/sql/SQLiteDatabase.h:179 >> + SQLiteTransaction* m_writeTransactionInProgress { nullptr }; > > We store store raw pointers as data members anymore. This is a security bug waiting to happen. If you really need a pointer, it should probably be a WeakPtr. I meant: we avoid storing raw pointers as data members nowadays.
Sihui Liu
Comment 8 2021-07-09 11:36:21 PDT
(In reply to Chris Dumez from comment #6) > Comment on attachment 433200 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=433200&action=review > > I don't really understand the purpose of this patch and there is no test to > show the usefulness either. Here are some random comments though. For a explicit transaction, we usually begin the transaction, run some statements, and commit/abort the transaction. Currently we rely on the caller of SQLiteTransaction to track the state. If the caller fails to check the state, the statements may run as separate transactions . This patch aims to ensure the statements inside a write transaction are executed together. It does not handle read transactions as the consequences are not as bad if read statements are run separately. This will help us to implement aborting all SQLiteTransactions synchronously on suspension: all subsequent statements in the same transaction scope will fail. > > > Source/WebCore/Modules/webdatabase/SQLTransaction.cpp:-209 > > - m_sqliteTransaction->stop(); > > Why is this no longer stopping the transaction? I am assuming it is not > needed because the destructor already takes care of stopping the > transaction? Either way, I think a comment in the changelog for this > function would be helpful understand such changes. Will add. > > > Source/WebCore/platform/sql/SQLiteDatabase.cpp:739 > > + return !m_writeTransactionInProgress || !m_writeTransactionInProgress->rolledBackBySQLite(); > > I don't understand this logic. So if `!m_writeTransactionInProgress` > (meaning there is no write transaction in progress), then I have a valid > transaction? > > I would have expected: > return m_writeTransactionInProgress && > !m_writeTransactionInProgress->rolledBackBySQLite(); > > Either there is a bug or at the very least, this code is confusing. This is for checking in step(); the statement cannot be stepped if you are in a state where you begin a write transaction and the transaction is invalid. The statement can be executed if you don't start explicit transaction, or it's a read transaction. > > > Source/WebCore/platform/sql/SQLiteDatabase.h:163 > > + SQLiteTransaction* writeTransactionInProgress() const { return m_writeTransactionInProgress; } > > Having a getter start with "write" seems a bit confusing to me. Will rename it to hasWriteTransactionInProgress. > > > Source/WebCore/platform/sql/SQLiteDatabase.h:179 > > + SQLiteTransaction* m_writeTransactionInProgress { nullptr }; > > We store store raw pointers as data members anymore. This is a security bug > waiting to happen. If you really need a pointer, it should probably be a > WeakPtr. Will update. > > > Source/WebCore/platform/sql/SQLiteTransaction.h:47 > > + bool rolledBackBySQLite() const; > > How is this new name a progression? Seems to go against WebKit coding style > that states we should use prefixes for booleans. Will revert.
Sihui Liu
Comment 9 2021-07-09 12:02:18 PDT
Created attachment 433230 [details] Patch
Sihui Liu
Comment 10 2021-07-09 12:09:45 PDT
Created attachment 433231 [details] Patch
Sihui Liu
Comment 11 2021-07-09 12:27:24 PDT
Created attachment 433232 [details] Patch
Sihui Liu
Comment 12 2021-07-13 17:43:40 PDT
Created attachment 433465 [details] Patch
Radar WebKit Bug Importer
Comment 13 2021-07-14 14:14:25 PDT
<rdar://problem/80596229>
Note You need to log in before you can comment on or make changes to this bug.